<?php
// by Edd Dumbill (C) 1999-2002
// <edd@usefulinc.com>
// $Id: xmlrpcs.inc,v 1.67 2007/05/22 21:31:58 ggiunta Exp $

// Copyright (c) 1999,2000,2002 Edd Dumbill.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
//
//    * Redistributions of source code must retain the above copyright
//      notice, this list of conditions and the following disclaimer.
//
//    * Redistributions in binary form must reproduce the above
//      copyright notice, this list of conditions and the following
//      disclaimer in the documentation and/or other materials provided
//      with the distribution.
//
//    * Neither the name of the "XML-RPC for PHP" nor the names of its
//      contributors may be used to endorse or promote products derived
//      from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
// OF THE POSSIBILITY OF SUCH DAMAGE.

// Do not allow direct access
defined( '_JEXEC' ) or die( 'Restricted access' );

	// XML RPC Server class
	// requires: xmlrpc.inc

	$GLOBALS['xmlrpcs_capabilities'] = array(
		// xmlrpc spec: always supported
		'xmlrpc' => new xmlrpcval(array(
			'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'),
			'specVersion' => new xmlrpcval(1, 'int')
		), 'struct'),
		// if we support system.xxx functions, we always support multicall, too...
		// Note that, as of 2006/09/17, the following URL does not respond anymore
		'system.multicall' => new xmlrpcval(array(
			'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'),
			'specVersion' => new xmlrpcval(1, 'int')
		), 'struct'),
		// introspection: version 2! we support 'mixed', too
		'introspection' => new xmlrpcval(array(
			'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'),
			'specVersion' => new xmlrpcval(2, 'int')
		), 'struct')
	);

	/* Functions that implement system.XXX methods of xmlrpc servers */
	$_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct']));
	$_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to';
	$_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec'));
	function _xmlrpcs_getCapabilities($server, $m=null)
	{
		$outAr = $GLOBALS['xmlrpcs_capabilities'];
		// NIL extension
		if ($GLOBALS['xmlrpc_null_extension']) {
			$outAr['nil'] = new xmlrpcval(array(
				'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'),
				'specVersion' => new xmlrpcval(1, 'int')
			), 'struct');
		}
		return new xmlrpcresp(new xmlrpcval($outAr, 'struct'));
	}

	// listMethods: signature was either a string, or nothing.
	// The useless string variant has been removed
	$_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray']));
	$_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch';
	$_xmlrpcs_listMethods_sdoc=array(array('list of method names'));
	function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing
	{

		$outAr=array();
		foreach($server->dmap as $key => $val)
		{
			$outAr[]=&new xmlrpcval($key, 'string');
		}
		if($server->allow_system_funcs)
		{
			foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val)
			{
				$outAr[]=&new xmlrpcval($key, 'string');
			}
		}
		return new xmlrpcresp(new xmlrpcval($outAr, 'array'));
	}

	$_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString']));
	$_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)';
	$_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described'));
	function _xmlrpcs_methodSignature($server, $m)
	{
		// let accept as parameter both an xmlrpcval or string
		if (is_object($m))
		{
			$methName=$m->getParam(0);
			$methName=$methName->scalarval();
		}
		else
		{
			$methName=$m;
		}
		if(strpos($methName, "system.") === 0)
		{
			$dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
		}
		else
		{
			$dmap=$server->dmap; $sysCall=0;
		}
		if(isset($dmap[$methName]))
		{
			if(isset($dmap[$methName]['signature']))
			{
				$sigs=array();
				foreach($dmap[$methName]['signature'] as $inSig)
				{
					$cursig=array();
					foreach($inSig as $sig)
					{
						$cursig[]=&new xmlrpcval($sig, 'string');
					}
					$sigs[]=&new xmlrpcval($cursig, 'array');
				}
				$r=&new xmlrpcresp(new xmlrpcval($sigs, 'array'));
			}
			else
			{
				// NB: according to the official docs, we should be returning a
				// "none-array" here, which means not-an-array
				$r=&new xmlrpcresp(new xmlrpcval('undef', 'string'));
			}
		}
		else
		{
			$r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
		}
		return $r;
	}

	$_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString']));
	$_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string';
	$_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described'));
	function _xmlrpcs_methodHelp($server, $m)
	{
		// let accept as parameter both an xmlrpcval or string
		if (is_object($m))
		{
			$methName=$m->getParam(0);
			$methName=$methName->scalarval();
		}
		else
		{
			$methName=$m;
		}
		if(strpos($methName, "system.") === 0)
		{
			$dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
		}
		else
		{
			$dmap=$server->dmap; $sysCall=0;
		}
		if(isset($dmap[$methName]))
		{
			if(isset($dmap[$methName]['docstring']))
			{
				$r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string');
			}
			else
			{
				$r=&new xmlrpcresp(new xmlrpcval('', 'string'));
			}
		}
		else
		{
			$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
		}
		return $r;
	}

	$_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray']));
	$_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details';
	$_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"'));
	function _xmlrpcs_multicall_error($err)
	{
		if(is_string($err))
		{
			$str = $GLOBALS['xmlrpcstr']["multicall_${err}"];
			$code = $GLOBALS['xmlrpcerr']["multicall_${err}"];
		}
		else
		{
			$code = $err->faultCode();
			$str = $err->faultString();
		}
		$struct = array();
		$struct['faultCode'] =& new xmlrpcval($code, 'int');
		$struct['faultString'] =& new xmlrpcval($str, 'string');
		return new xmlrpcval($struct, 'struct');
	}

	function _xmlrpcs_multicall_do_call($server, $call)
	{
		if($call->kindOf() != 'struct')
		{
			return _xmlrpcs_multicall_error('notstruct');
		}
		$methName = @$call->structmem('methodName');
		if(!$methName)
		{
			return _xmlrpcs_multicall_error('nomethod');
		}
		if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string')
		{
			return _xmlrpcs_multicall_error('notstring');
		}
		if($methName->scalarval() == 'system.multicall')
		{
			return _xmlrpcs_multicall_error('recursion');
		}

		$params = @$call->structmem('params');
		if(!$params)
		{
			return _xmlrpcs_multicall_error('noparams');
		}
		if($params->kindOf() != 'array')
		{
			return _xmlrpcs_multicall_error('notarray');
		}
		$numParams = $params->arraysize();

		$msg =& new xmlrpcmsg($methName->scalarval());
		for($i = 0; $i < $numParams; $i++)
		{
			if(!$msg->addParam($params->arraymem($i)))
			{
				$i++;
				return _xmlrpcs_multicall_error(new xmlrpcresp(0,
					$GLOBALS['xmlrpcerr']['incorrect_params'],
					$GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i));
			}
		}

		$result = $server->execute($msg);

		if($result->faultCode() != 0)
		{
			return _xmlrpcs_multicall_error($result);		// Method returned fault.
		}

		return new xmlrpcval(array($result->value()), 'array');
	}

	function _xmlrpcs_multicall_do_call_phpvals($server, $call)
	{
		if(!is_array($call))
		{
			return _xmlrpcs_multicall_error('notstruct');
		}
		if(!array_key_exists('methodName', $call))
		{
			return _xmlrpcs_multicall_error('nomethod');
		}
		if (!is_string($call['methodName']))
		{
			return _xmlrpcs_multicall_error('notstring');
		}
		if($call['methodName'] == 'system.multicall')
		{
			return _xmlrpcs_multicall_error('recursion');
		}
		if(!array_key_exists('params', $call))
		{
			return _xmlrpcs_multicall_error('noparams');
		}
		if(!is_array($call['params']))
		{
			return _xmlrpcs_multicall_error('notarray');
		}

		// this is a real dirty and simplistic hack, since we might have received a
		// base64 or datetime values, but they will be listed as strings here...
		$numParams = count($call['params']);
		$pt = array();
		foreach($call['params'] as $val)
			$pt[] = php_2_xmlrpc_type(gettype($val));

		$result = $server->execute($call['methodName'], $call['params'], $pt);

		if($result->faultCode() != 0)
		{
			return _xmlrpcs_multicall_error($result);		// Method returned fault.
		}

		return new xmlrpcval(array($result->value()), 'array');
	}

	function _xmlrpcs_multicall($server, $m)
	{
		$result = array();
		// let accept a plain list of php parameters, beside a single xmlrpc msg object
		if (is_object($m))
		{
			$calls = $m->getParam(0);
			$numCalls = $calls->arraysize();
			for($i = 0; $i < $numCalls; $i++)
			{
				$call = $calls->arraymem($i);
				$result[$i] = _xmlrpcs_multicall_do_call($server, $call);
			}
		}
		else
		{
			$numCalls=count($m);
			for($i = 0; $i < $numCalls; $i++)
			{
				$result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]);
			}
		}

		return new xmlrpcresp(new xmlrpcval($result, 'array'));
	}

	$GLOBALS['_xmlrpcs_dmap']=array(
		'system.listMethods' => array(
			'function' => '_xmlrpcs_listMethods',
			'signature' => $_xmlrpcs_listMethods_sig,
			'docstring' => $_xmlrpcs_listMethods_doc,
			'signature_docs' => $_xmlrpcs_listMethods_sdoc),
		'system.methodHelp' => array(
			'function' => '_xmlrpcs_methodHelp',
			'signature' => $_xmlrpcs_methodHelp_sig,
			'docstring' => $_xmlrpcs_methodHelp_doc,
			'signature_docs' => $_xmlrpcs_methodHelp_sdoc),
		'system.methodSignature' => array(
			'function' => '_xmlrpcs_methodSignature',
			'signature' => $_xmlrpcs_methodSignature_sig,
			'docstring' => $_xmlrpcs_methodSignature_doc,
			'signature_docs' => $_xmlrpcs_methodSignature_sdoc),
		'system.multicall' => array(
			'function' => '_xmlrpcs_multicall',
			'signature' => $_xmlrpcs_multicall_sig,
			'docstring' => $_xmlrpcs_multicall_doc,
			'signature_docs' => $_xmlrpcs_multicall_sdoc),
		'system.getCapabilities' => array(
			'function' => '_xmlrpcs_getCapabilities',
			'signature' => $_xmlrpcs_getCapabilities_sig,
			'docstring' => $_xmlrpcs_getCapabilities_doc,
			'signature_docs' => $_xmlrpcs_getCapabilities_sdoc)
	);

	$GLOBALS['_xmlrpcs_occurred_errors'] = '';
	$GLOBALS['_xmlrpcs_prev_ehandler'] = '';
	/**
	* Error handler used to track errors that occur during server-side execution of PHP code.
	* This allows to report back to the client whether an internal error has occurred or not
	* using an xmlrpc response object, instead of letting the client deal with the html junk
	* that a PHP execution error on the server generally entails.
	*
	* NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors.
	*
	*/
	function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null)
	{
		// obey the @ protocol
		if (error_reporting() == 0)
			return;

		//if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING)
		if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined
		{
			$GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n";
		}
		// Try to avoid as much as possible disruption to the previous error handling
		// mechanism in place
		if($GLOBALS['_xmlrpcs_prev_ehandler'] == '')
		{
			// The previous error handler was the default: all we should do is log error
			// to the default error log (if level high enough)
			if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode))
			{
				error_log($errstring);
			}
		}
		else
		{
			// Pass control on to previous error handler, trying to avoid loops...
			if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler')
			{
				// NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers
				if(is_array($GLOBALS['_xmlrpcs_prev_ehandler']))
				{
					$GLOBALS['_xmlrpcs_prev_ehandler'][0]->$GLOBALS['_xmlrpcs_prev_ehandler'][1]($errcode, $errstring, $filename, $lineno, $context);
				}
				else
				{
					$GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context);
				}
			}
		}
	}

	$GLOBALS['_xmlrpc_debuginfo']='';

	/**
	* Add a string to the debug info that can be later seralized by the server
	* as part of the response message.
	* Note that for best compatbility, the debug string should be encoded using
	* the $GLOBALS['xmlrpc_internalencoding'] character set.
	* @param string $m
	* @access public
	*/
	function xmlrpc_debugmsg($m)
	{
		$GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n";
	}

	class xmlrpc_server
	{
		/// array defining php functions exposed as xmlrpc methods by this server
		var $dmap=array();
		/**
		* Defines how functions in dmap will be invokde: either using an xmlrpc msg object
		* or plain php values.
		* valid strings are 'xmlrpcvals', 'phpvals' or 'epivals'
		*/
		var $functions_parameters_type='xmlrpcvals';
		/// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3
		var $debug = 1;
		/**
		* When set to true, it will enable HTTP compression of the response, in case
		* the client has declared its support for compression in the request.
		*/
		var $compress_response = false;
		/**
		* List of http compression methods accepted by the server for requests.
		* NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib
		*/
		var $accepted_compression = array();
		/// shall we serve calls to system.* methods?
		var $allow_system_funcs = true;
		/// list of charset encodings natively accepted for requests
		var $accepted_charset_encodings = array();
		/**
		* charset encoding to be used for response.
		* NB: if we can, we will convert the generated response from internal_encoding to the intended one.
		* can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled),
		* null (leave unspecified in response, convert output stream to US_ASCII),
		* 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed),
		* or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway).
		* NB: pretty dangerous if you accept every charset and do not have mbstring enabled)
		*/
		var $response_charset_encoding = '';
		/// storage for internal debug info
		var $debug_info = '';
		/// extra data passed at runtime to method handling functions. Used only by EPI layer
		var $user_data = null;

		/**
		* @param array $dispmap the dispatch map withd efinition of exposed services
		* @param boolean $servicenow set to false to prevent the server from runnung upon construction
		*/
		function xmlrpc_server($dispMap=null, $serviceNow=true)
		{
			// if ZLIB is enabled, let the server by default accept compressed requests,
			// and compress responses sent to clients that support them
			if(function_exists('gzinflate'))
			{
				$this->accepted_compression = array('gzip', 'deflate');
				$this->compress_response = true;
			}

			// by default the xml parser can support these 3 charset encodings
			$this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');

			// dispMap is a dispatch array of methods
			// mapped to function names and signatures
			// if a method
			// doesn't appear in the map then an unknown
			// method error is generated
			/* milosch - changed to make passing dispMap optional.
			 * instead, you can use the class add_to_map() function
			 * to add functions manually (borrowed from SOAPX4)
			 */
			if($dispMap)
			{
				$this->dmap = $dispMap;
				if($serviceNow)
				{
					$this->service();
				}
			}
		}

		/**
		* Set debug level of server.
		* @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments)
		* 0 = no debug info,
		* 1 = msgs set from user with debugmsg(),
		* 2 = add complete xmlrpc request (headers and body),
		* 3 = add also all processing warnings happened during method processing
		* (NB: this involves setting a custom error handler, and might interfere
		* with the standard processing of the php function exposed as method. In
		* particular, triggering an USER_ERROR level error will not halt script
		* execution anymore, but just end up logged in the xmlrpc response)
		* Note that info added at elevel 2 and 3 will be base64 encoded
		* @access public
		*/
		function setDebug($in)
		{
			$this->debug=$in;
		}

		/**
		* Return a string with the serialized representation of all debug info
		* @param string $charset_encoding the target charset encoding for the serialization
		* @return string an XML comment (or two)
		*/
		function serializeDebug($charset_encoding='')
		{
			// Tough encoding problem: which internal charset should we assume for debug info?
			// It might contain a copy of raw data received from client, ie with unknown encoding,
			// intermixed with php generated data and user generated data...
			// so we split it: system debug is base 64 encoded,
			// user debug info should be encoded by the end user using the INTERNAL_ENCODING
			$out = '';
			if ($this->debug_info != '')
			{
				$out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n";
			}
			if($GLOBALS['_xmlrpc_debuginfo']!='')
			{

				$out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n";
				// NB: a better solution MIGHT be to use CDATA, but we need to insert it
				// into return payload AFTER the beginning tag
				//$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n";
			}
			return $out;
		}

		/**
		* Execute the xmlrpc request, printing the response
		* @param string $data the request body. If null, the http POST request will be examined
		* @return xmlrpcresp the response object (usually not used by caller...)
		* @access public
		*/
		function service($data=null, $return_payload=false)
		{
			if ($data === null)
			{
				// workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA
				$ver = phpversion();
				if ($ver[0] >= 5)
				{
					$data = file_get_contents('php://input');
				}
				else
				{
					// Check if it has a value, if it doesn't have a value try and read php://input but supress the error
					// this will mimic returning an empty string, without a "cant find wrapper error" and allow backwards compat
					// php docs are unclear as to when this was added, works on php 4.4 at least, and probably 4.3
					$data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : @file_get_contents('php://input');
				}
			}
			$raw_data = $data;

			// reset internal debug info
			$this->debug_info = '';

			// Echo back what we received, before parsing it
			if($this->debug > 1)
			{
				$this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++");
			}

			$r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding);
			if (!$r)
			{
				$r=$this->parseRequest($data, $req_charset);
			}

			// save full body of request into response, for more debugging usages
			$r->raw_data = $raw_data;

			if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors'])
			{
				$this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" .
					$GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++");
			}

			$payload=$this->xml_header($resp_charset);
			if($this->debug > 0)
			{
				$payload = $payload . $this->serializeDebug($resp_charset);
			}

			// G. Giunta 2006-01-27: do not create response serialization if it has
			// already happened. Helps building json magic
			if (empty($r->payload))
			{
				$r->serialize($resp_charset);
			}
			$payload = $payload . $r->payload;

			if ($return_payload)
			{
				return $payload;
			}

			// if we get a warning/error that has output some text before here, then we cannot
			// add a new header. We cannot say we are sending xml, either...
			if(!headers_sent())
			{
				header('Content-Type: '.$r->content_type);
				// we do not know if client actually told us an accepted charset, but if he did
				// we have to tell him what we did
				header("Vary: Accept-Charset");

				// http compression of output: only
				// if we can do it, and we want to do it, and client asked us to,
				// and php ini settings do not force it already
				$php_no_self_compress = ini_get('zlib.output_compression') == '' && (ini_get('output_handler') != 'ob_gzhandler');
				if($this->compress_response && function_exists('gzencode') && $resp_encoding != ''
					&& $php_no_self_compress)
				{
					if(strpos($resp_encoding, 'gzip') !== false)
					{
						$payload = gzencode($payload);
						header("Content-Encoding: gzip");
						header("Vary: Accept-Encoding");
					}
					elseif (strpos($resp_encoding, 'deflate') !== false)
					{
						$payload = gzcompress($payload);
						header("Content-Encoding: deflate");
						header("Vary: Accept-Encoding");
					}
				}

				// do not ouput content-length header if php is compressing output for us:
				// it will mess up measurements
				if($php_no_self_compress)
				{
					header('Content-Length: ' . (int)strlen($payload));
				}
			}
			else
			{
				error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages');
			}

			print $payload;

			// return request, in case subclasses want it
			return $r;
		}

		/**
		* Add a method to the dispatch map
		* @param string $methodname the name with which the method will be made available
		* @param string $function the php function that will get invoked
		* @param array $sig the array of valid method signatures
		* @param string $doc method documentation
		* @access public
		*/
		function add_to_map($methodname,$function,$sig=null,$doc='')
		{
			$this->dmap[$methodname] = array(
				'function'	=> $function,
				'docstring' => $doc
			);
			if ($sig)
			{
				$this->dmap[$methodname]['signature'] = $sig;
			}
		}

		/**
		* Verify type and number of parameters received against a list of known signatures
		* @param array $in array of either xmlrpcval objects or xmlrpc type definitions
		* @param array $sig array of known signatures to match against
		* @access private
		*/
		function verifySignature($in, $sig)
		{
			// check each possible signature in turn
			if (is_object($in))
			{
				$numParams = $in->getNumParams();
			}
			else
			{
				$numParams = count($in);
			}
			foreach($sig as $cursig)
			{
				if(count($cursig)==$numParams+1)
				{
					$itsOK=1;
					for($n=0; $n<$numParams; $n++)
					{
						if (is_object($in))
						{
							$p=$in->getParam($n);
							if($p->kindOf() == 'scalar')
							{
								$pt=$p->scalartyp();
							}
							else
							{
								$pt=$p->kindOf();
							}
						}
						else
						{
							$pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4...
						}

						// param index is $n+1, as first member of sig is return type
						if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue'])
						{
							$itsOK=0;
							$pno=$n+1;
							$wanted=$cursig[$n+1];
							$got=$pt;
							break;
						}
					}
					if($itsOK)
					{
						return array(1,'');
					}
				}
			}
			if(isset($wanted))
			{
				return array(0, "Wanted ${wanted}, got ${got} at param ${pno}");
			}
			else
			{
				return array(0, "No method signature matches number of parameters");
			}
		}

		/**
		* Parse http headers received along with xmlrpc request. If needed, inflate request
		* @return null on success or an xmlrpcresp
		* @access private
		*/
		function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression)
		{
			// Play nice to PHP 4.0.x: superglobals were not yet invented...
			if(!isset($_SERVER))
			{
				$_SERVER = $GLOBALS['HTTP_SERVER_VARS'];
			}

			if($this->debug > 1)
			{
				if(function_exists('getallheaders'))
				{
					$this->debugmsg(''); // empty line
					foreach(getallheaders() as $name => $val)
					{
						$this->debugmsg("HEADER: $name: $val");
					}
				}

			}

			if(isset($_SERVER['HTTP_CONTENT_ENCODING']))
			{
				$content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']);
			}
			else
			{
				$content_encoding = '';
			}

			// check if request body has been compressed and decompress it
			if($content_encoding != '' && strlen($data))
			{
				if($content_encoding == 'deflate' || $content_encoding == 'gzip')
				{
					// if decoding works, use it. else assume data wasn't gzencoded
					if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression))
					{
						if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data))
						{
							$data = $degzdata;
							if($this->debug > 1)
							{
								$this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
							}
						}
						elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
						{
							$data = $degzdata;
							if($this->debug > 1)
								$this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
						}
						else
						{
							$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']);
							return $r;
						}
					}
					else
					{
						//error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
						$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']);
						return $r;
					}
				}
			}

			// check if client specified accepted charsets, and if we know how to fulfill
			// the request
			if ($this->response_charset_encoding == 'auto')
			{
				$resp_encoding = '';
				if (isset($_SERVER['HTTP_ACCEPT_CHARSET']))
				{
					// here we should check if we can match the client-requested encoding
					// with the encodings we know we can generate.
					/// @todo we should parse q=0.x preferences instead of getting first charset specified...
					$client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET']));
					// Give preference to internal encoding
					$known_charsets = array($this->internal_encoding, 'UTF-8', 'ISO-8859-1', 'US-ASCII');
					foreach ($known_charsets as $charset)
					{
						foreach ($client_accepted_charsets as $accepted)
							if (strpos($accepted, $charset) === 0)
							{
								$resp_encoding = $charset;
								break;
							}
						if ($resp_encoding)
							break;
					}
				}
			}
			else
			{
				$resp_encoding = $this->response_charset_encoding;
			}

			if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
			{
				$resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING'];
			}
			else
			{
				$resp_compression = '';
			}

			// 'guestimate' request encoding
			/// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check???
			$req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '',
				$data);

			return null;
		}

		/**
		* Parse an xml chunk containing an xmlrpc request and execute the corresponding
		* php function registered with the server
		* @param string $data the xml request
		* @param string $req_encoding (optional) the charset encoding of the xml request
		* @return xmlrpcresp
		* @access private
		*/
		function parseRequest($data, $req_encoding='')
		{
			// 2005/05/07 commented and moved into caller function code
			//if($data=='')
			//{
			//	$data=$GLOBALS['HTTP_RAW_POST_DATA'];
			//}

			// G. Giunta 2005/02/13: we do NOT expect to receive html entities
			// so we do not try to convert them into xml character entities
			//$data = xmlrpc_html_entity_xlate($data);

			$GLOBALS['_xh']=array();
			$GLOBALS['_xh']['ac']='';
			$GLOBALS['_xh']['stack']=array();
			$GLOBALS['_xh']['valuestack'] = array();
			$GLOBALS['_xh']['params']=array();
			$GLOBALS['_xh']['pt']=array();
			$GLOBALS['_xh']['isf']=0;
			$GLOBALS['_xh']['isf_reason']='';
			$GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not
			$GLOBALS['_xh']['rt']='';

			// decompose incoming XML into request structure
			if ($req_encoding != '')
			{
				if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
				// the following code might be better for mb_string enabled installs, but
				// makes the lib about 200% slower...
				//if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
				{
					error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding);
					$req_encoding = $GLOBALS['xmlrpc_defencoding'];
				}
				/// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue,
				// the encoding is not UTF8 and there are non-ascii chars in the text...
				$parser = xml_parser_create($req_encoding);
			}
			else
			{
				$parser = xml_parser_create();
			}

			xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
			// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
			// the xml parser to give us back data in the expected charset
			xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);

			if ($this->functions_parameters_type != 'xmlrpcvals')
				xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast');
			else
				xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
			xml_set_character_data_handler($parser, 'xmlrpc_cd');
			xml_set_default_handler($parser, 'xmlrpc_dh');
			if(!xml_parse($parser, $data, 1))
			{
				// return XML error as a faultCode
				$r=&new xmlrpcresp(0,
				$GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser),
				sprintf('XML error: %s at line %d, column %d',
					xml_error_string(xml_get_error_code($parser)),
					xml_get_current_line_number($parser), xml_get_current_column_number($parser)));
				xml_parser_free($parser);
			}
			elseif ($GLOBALS['_xh']['isf'])
			{
				xml_parser_free($parser);
				$r=&new xmlrpcresp(0,
					$GLOBALS['xmlrpcerr']['invalid_request'],
					$GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']);
			}
			else
			{
				xml_parser_free($parser);
				if ($this->functions_parameters_type != 'xmlrpcvals')
				{
					if($this->debug > 1)
					{
						$this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++");
					}
					$r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']);
				}
				else
				{
					// build an xmlrpcmsg object with data parsed from xml
					$m=&new xmlrpcmsg($GLOBALS['_xh']['method']);
					// now add parameters in
					for($i=0; $i<count($GLOBALS['_xh']['params']); $i++)
					{
						$m->addParam($GLOBALS['_xh']['params'][$i]);
					}

					if($this->debug > 1)
					{
						$this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++");
					}

					$r = $this->execute($m);
				}
			}
			return $r;
		}

		/**
		* Execute a method invoked by the client, checking parameters used
		* @param mixed $m either an xmlrpcmsg obj or a method name
		* @param array $params array with method parameters as php types (if m is method name only)
		* @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only)
		* @return xmlrpcresp
		* @access private
		*/
		function execute($m, $params=null, $paramtypes=null)
		{
			if (is_object($m))
			{
				$methName = $m->method();
			}
			else
			{
				$methName = $m;
			}
			$sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0);
			$dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap;

			if(!isset($dmap[$methName]['function']))
			{
				// No such method
				return new xmlrpcresp(0,
					$GLOBALS['xmlrpcerr']['unknown_method'],
					$GLOBALS['xmlrpcstr']['unknown_method']);
			}

			// Check signature
			if(isset($dmap[$methName]['signature']))
			{
				$sig = $dmap[$methName]['signature'];
				if (is_object($m))
				{
					list($ok, $errstr) = $this->verifySignature($m, $sig);
				}
				else
				{
					list($ok, $errstr) = $this->verifySignature($paramtypes, $sig);
				}
				if(!$ok)
				{
					// Didn't match.
					return new xmlrpcresp(
						0,
						$GLOBALS['xmlrpcerr']['incorrect_params'],
						$GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}"
					);
				}
			}

			$func = $dmap[$methName]['function'];
			// let the 'class::function' syntax be accepted in dispatch maps
			if(is_string($func) && strpos($func, '::'))
			{
				$func = explode('::', $func);
			}
			// verify that function to be invoked is in fact callable
			if(!is_callable($func))
			{
				error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable");
				return new xmlrpcresp(
					0,
					$GLOBALS['xmlrpcerr']['server_error'],
					$GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method"
				);
			}

			// If debug level is 3, we should catch all errors generated during
			// processing of user function, and log them as part of response
			if($this->debug > 2)
			{
				$GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler');
			}
			if (is_object($m))
			{
				if($sysCall)
				{
					$r = call_user_func($func, $this, $m);
				}
				else
				{
					$r = call_user_func($func, $m);
				}
				if (!is_a($r, 'xmlrpcresp'))
				{
					error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object");
					if (is_a($r, 'xmlrpcval'))
					{
						$r =& new xmlrpcresp($r);
					}
					else
					{
						$r =& new xmlrpcresp(
							0,
							$GLOBALS['xmlrpcerr']['server_error'],
							$GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"
						);
					}
				}
			}
			else
			{
				// call a 'plain php' function
				if($sysCall)
				{
					array_unshift($params, $this);
					$r = call_user_func_array($func, $params);
				}
				else
				{
					// 3rd API convention for method-handling functions: EPI-style
					if ($this->functions_parameters_type == 'epivals')
					{
						$r = call_user_func_array($func, array($methName, $params, $this->user_data));
						// mimic EPI behaviour: if we get an array that looks like an error, make it
						// an eror response
						if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))
						{
							$r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);
						}
						else
						{
							// functions using EPI api should NOT return resp objects,
							// so make sure we encode the return type correctly
							$r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));
						}
					}
					else
					{
						$r = call_user_func_array($func, $params);
					}
				}
				// the return type can be either an xmlrpcresp object or a plain php value...
				if (!is_a($r, 'xmlrpcresp'))
				{
					// what should we assume here about automatic encoding of datetimes
					// and php classes instances???
					$r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates')));
				}
			}
			if($this->debug > 2)
			{
				// note: restore the error handler we found before calling the
				// user func, even if it has been changed inside the func itself
				if($GLOBALS['_xmlrpcs_prev_ehandler'])
				{
					set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']);
				}
				else
				{
					restore_error_handler();
				}
			}
			return $r;
		}

		/**
		* add a string to the 'internal debug message' (separate from 'user debug message')
		* @param string $strings
		* @access private
		*/
		function debugmsg($string)
		{
			$this->debug_info .= $string."\n";
		}

		/**
		* @access private
		*/
		function xml_header($charset_encoding='')
		{
			if ($charset_encoding != '')
			{
				return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n";
			}
			else
			{
				return "<?xml version=\"1.0\"?" . ">\n";
			}
		}

		/**
		* A debugging routine: just echoes back the input packet as a string value
		* DEPRECATED!
		*/
		function echoInput()
		{
			$r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string'));
			print $r->serialize();
		}
	}
?>